RESOLVED FIXED 159841
CSP: Improve support for multiple policies to more closely conform to the CSP Level 2 spec. 
https://bugs.webkit.org/show_bug.cgi?id=159841
Summary CSP: Improve support for multiple policies to more closely conform to the CSP...
Daniel Bates
Reported 2016-07-15 15:36:36 PDT
Towards making our CSP multiple policies machinery more closely conform to section Enforcing multiple policies of the Content Security Policy Level 2 spec., <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 25 April 2016), implement support for sending multiple CSP violation reports.
Attachments
Patch and Layout Tests (140.13 KB, patch)
2016-07-15 15:47 PDT, Daniel Bates 		bfulgham: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2016-07-15 15:37:01 PDT
<rdar://problem/27381684>
Daniel Bates
Comment 2 2016-07-15 15:47:43 PDT
Created attachment 283804 [details] Patch and Layout Tests
WebKit Commit Bot
Comment 3 2016-07-15 15:49:31 PDT
Attachment 283804 [details] did not pass style-queue: ERROR: Source/WebCore/page/csp/ContentSecurityPolicy.cpp:319: Place brace on its own line for function definitions. [whitespace/braces] [4] ERROR: Source/WebCore/page/csp/ContentSecurityPolicy.cpp:332: Place brace on its own line for function definitions. [whitespace/braces] [4] ERROR: Source/WebCore/page/csp/ContentSecurityPolicy.cpp:372: Place brace on its own line for function definitions. [whitespace/braces] [4] ERROR: Source/WebCore/page/csp/ContentSecurityPolicy.cpp:396: Place brace on its own line for function definitions. [whitespace/braces] [4] ERROR: Source/WebCore/page/csp/ContentSecurityPolicy.cpp:411: Place brace on its own line for function definitions. [whitespace/braces] [4] ERROR: Source/WebCore/page/csp/ContentSecurityPolicy.cpp:429: Place brace on its own line for function definitions. [whitespace/braces] [4] ERROR: Source/WebCore/page/csp/ContentSecurityPolicy.cpp:442: Place brace on its own line for function definitions. [whitespace/braces] [4] ERROR: Source/WebCore/page/csp/ContentSecurityPolicy.cpp:457: Place brace on its own line for function definitions. [whitespace/braces] [4] ERROR: Source/WebCore/page/csp/ContentSecurityPolicy.cpp:475: Place brace on its own line for function definitions. [whitespace/braces] [4] ERROR: Source/WebCore/page/csp/ContentSecurityPolicy.cpp:490: Place brace on its own line for function definitions. [whitespace/braces] [4] ERROR: Source/WebCore/page/csp/ContentSecurityPolicy.cpp:506: Place brace on its own line for function definitions. [whitespace/braces] [4] ERROR: Source/WebCore/page/csp/ContentSecurityPolicy.cpp:521: Place brace on its own line for function definitions. [whitespace/braces] [4] ERROR: Source/WebCore/page/csp/ContentSecurityPolicy.cpp:536: Place brace on its own line for function definitions. [whitespace/braces] [4] ERROR: Source/WebCore/page/csp/ContentSecurityPolicy.cpp:551: Place brace on its own line for function definitions. [whitespace/braces] [4] ERROR: Source/WebCore/page/csp/ContentSecurityPolicy.cpp:566: Place brace on its own line for function definitions. [whitespace/braces] [4] ERROR: Source/WebCore/page/csp/ContentSecurityPolicy.cpp:581: Place brace on its own line for function definitions. [whitespace/braces] [4] ERROR: Source/WebCore/page/csp/ContentSecurityPolicy.cpp:596: Place brace on its own line for function definitions. [whitespace/braces] [4] ERROR: Source/WebCore/page/csp/ContentSecurityPolicy.cpp:611: Place brace on its own line for function definitions. [whitespace/braces] [4] ERROR: Source/WebCore/page/csp/ContentSecurityPolicy.h:179: Extra space before ( in function call [whitespace/parens] [4] Total errors found: 19 in 61 files If any of these errors are false positives, please file a bug against check-webkit-style.
Brent Fulgham
Comment 4 2016-07-18 09:32:21 PDT
Comment on attachment 283804 [details] Patch and Layout Tests View in context: https://bugs.webkit.org/attachment.cgi?id=283804&action=review r=me > Source/WebCore/page/csp/ContentSecurityPolicy.cpp:310 > + return { true, true }; This could be a 'break' instead ...
Daniel Bates
Comment 5 2016-07-19 16:34:27 PDT
Comment on attachment 283804 [details] Patch and Layout Tests View in context: https://bugs.webkit.org/attachment.cgi?id=283804&action=review >> Source/WebCore/page/csp/ContentSecurityPolicy.cpp:310 >> + return { true, true }; > > This could be a 'break' instead ... Will change.
Daniel Bates
Comment 6 2016-07-19 16:39:27 PDT
Committed r203434: <http://trac.webkit.org/changeset/203434>
Note You need to log in before you can comment on or make changes to this bug.